The personal data of 1.8 million voters in the Chicago leaked on the Internet due to a malfunction in the Computer Security system, CNN reported. The company that services the electronic systems for voting, Election Systems & Software (ES & S) confirmed the leakage of information from the server. The incident occurred on August 12.
Only personal data of voters was leaked
According to CNN, the company quickly restored the security system after receiving a notification of a leak from the authorities and they conducted an internal investigation. The leaked data contained names, addresses, birth dates of voters, social security numbers and other data.
There was no any voting information regarding someone's actual vote could be leaked but no one except the staff of UpGuard noticed the leak. The leaked data was discovered by Upguard Researchers and included the information of people from Verizon and the company which analyzes GOP.
According to Jim Allen ( a spokesman for the Board of Election Commissioners of Chicago), the information of voters was not affected by the leak. He also said that "We deeply regret this. It was a violation of our information security protocol by the vendor." The ES & S has no details that indicate the information was accessed by someone else other than the researchers who noticed the leak, CNN reported
What did researchers say?
According to CNN, the leaked data was stored on the Amazon Web Services (AWS) server which showed that someone at ES&S misconfigured security settings and uncovered the data on the internet.
Jon Hendren (security researcher at Upguard) send the cache of leaked data to Chris Vickery, an analyst who examined the data.
Vickery said, "this data would be an identity thief's dream to find." He also added that the leaked information contained the administration credentials of the voting.
According to Gizmodo, the Federal Bureau Investigation (FBI) was alerted about the major leaked data of voters and they started a full investigation with the help of UpGuard and it is ongoing.
The website also added that an ES&S electronic poll book (a device to count votes) was hacked this year in Las Vegas and around 654,517 people's personal information was leaked, including their date of births, names, addresses etc.
Marisel Hernandez (Chairwoman of Chicago Election Board) said in a statement that "We are deeply troubled to learn of this incident, and very relieved to have it contained quickly," Gizmodo reported.